One of the key elements of security in Windows 7 is that it prevents applications running under a standard user's token from writing to system folders in the file system and to machine-wide keys in the registry, while at the same time enabling users with a standard account to run applications without running into "access denied" roadblocks . Many applications that require administrator-level access are still in use in Windows 7, but standard users can run them without hassle . That's because in Windows 7, UAC uses registry virtualization to redirect attempts to write to subkeys of HKLM\Software . (Settings in HKLM apply to all users of the computer, and therefore only administrators have write permission .) When an application attempts to write to this hive, Windows writes instead to a per-user location, HKCR\VirtualStore\Machine\Software . Like file virtualization, this is done transparently; the application (and all but the most curious users) never know this is going on behind the scenes
Was this article helpful?